Đang chuẩn bị liên kết để tải về tài liệu:
SUMMARY OF THE HIPAA PRIVACY RULE

For all its unique and novel aspects, social media is simply another method by which individuals and entities interact and communicate. In the insurance context, these individuals and entities include insurance companies, their employees, appointed producers, consumers, potential consumers and regulators. Thus, this document is intended to both educate these various groups and provide guidance to regulators, insurance companies and producers for addressing various social media concerns. If insurance companies, producers and regulators are to meet the challenges of this evolving technology, it is important that insurance entities have confidence that their investments. | OCR PRIVACY BRIEF SUMMARY OF THE HIPAA PRIVACY RULE HIPAA Compliance Assistance SUMMARY OF THE HIPAA PRIVACY RULE Contents Introduction.1 Statutory Regulatory Background.1 Who is Covered by the Privacy Rule.2 Business Associates.3 What Information is Protected.3 General Principle for Uses and Disclosures.4 Permitted Uses and Disclosures.4 Authorized Uses and Disclosures.9 Limiting Uses and Disclosures to the Minimum Necessary.10 Notice and Other Individual Rights.11 Administrative Requirements.14 Organizational Options.15 Other Provisions Personal Representatives and Minors.16 State Law.17 Enforcement and Penalties for Noncompliance.17 Compliance Dates.18 Copies of the Rule Related Materials.18 End Notes.19 i SUMMARY OF THE HIPAA PRIVACY RULE Introduction The Standards for Privacy of Individually Identifiable Health Information Privacy Rule establishes for the first time a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services HHS issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 HIPAA . 1 The Privacy Rule standards address the use and disclosure of individuals health information called protected health information by organizations subject to the Privacy Rule called covered entities as well as standards for individuals privacy rights to understand and control how their health information is used. Within HHS the Office for Civil Rights OCR has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties. A major goal of the Privacy Rule is to assure that individuals health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public s health and well being. The Rule strikes a balance that permits important uses of information while protecting the privacy .